1. PCI-DSS Approach & Unique Value Proposition for PCI-DSS Implementation
13-09-2019 Vikrant Burbure Email: vikrantburbure190@gmail.com
Executive Summary
Assistant Consultant with the Risk Advisory Services practice at Ernst & Young (India); was also a technology security consultant at Finacus Solutions Pvt. Ltd.
Has a total of 3+ years of experience in the field of information and cyber security. Holds a postgraduate MBA-ITBM (Information Technology Business Management stream) from Symbiosis Centre for Information Technology.
Certifications acquired: LA ISO 27001, PCI-DSS Implementer, ISO 31000 Implementer.
Table of Contents
Approach - PCI-DSS
Unique Value Proposition
2. Approach - PCI-DSS
The Payment Card Industry Data Security Standard (PCI DSS) provides a detailed requirements structure for securing cardholder data that is stored, processed and/or transmitted.
PCI-DSS Compliant
Understanding Business Functionality
Implementation of PCI-DSS Requirements
Managing and Monitoring PCI-DSS Requirements
Maintaining PCI-DSS Ecosystem
Prioritizing PCI DSS Compliance Implementations
1. Remove sensitive authentication data and limit data retention.
2. Protect systems and networks & be prepared to respond to a system breach.
3. Secure payment card applications.
4. Monitor and control access to your systems.
5. Protect stored cardholder data.
6. Finalize remaining compliance efforts, and ensure all controls are in place.
Implementation
PCI-DSS Management
Documentation Management
Security Controls Management
Assurances, Monitoring, Maintenances
Risk Management
Network Security
System Security
Procedure
Policy
Records Management
Firewall & System
PCI-DSS Governance to support organisation at each stage of PCI DSS compliance project.
PCI-DSS Compliance Management to support organisation for certification.
3. PCI-DSS – Integration / Relation with Regulatory Compliances
Along with the Payment Card Industry Data Security Standard (PCI DSS), the requirements from the regulatory and international compliance segments also have to be incorporated and aligned for IT technology security management.
Unique Value Proposition
Compliance Mapping & Alignment
IT Technologies Security & Compliance Management
ISO 27001 Controls
PCI-DSS Compliance
RBI
Guideline
Advisories
NPCI
SEBI
CERT-IN
Compliance Support
Readiness for Audit
Internal Audit
Support External Audit
Record Management
Verification, Validation & Support Record Collection
Completion of the Certification
Compliance Consultation